Hi all,
I'm currently wondering what would be the best and most secure approach to do a new install in a cloud-environment?
So basically I can have a VM where opnsense is installed, but since it's a cloud environment, the only thing I have is a console access to the VM.
Network-wise, after install, I can only reach the VM from the WAN-side, where the GUI is blocked by default.
I want to get to the situation where I can use a VPN to connect to the firewall and then access the GUI over that VPN.
However, I first need to get to the GUI before being able to configure a VPN, chicken or the egg problem :)
So how would you approach something like this?
If I have it correctly, enabling SSH access via the console is not possible, adding firewall-rules to temporarily enable GUI access over the WAN is not possible via the console, ...
How do others tackle this?
Thanks for any input you can give here!
Login from console then hit 8 to access the shell, then disable the firewall with "pfctl -d".
Once you can login through the GUI the first thing to do is disable the firewall again (Firewall->Settings->Advanced->Disable all packet filtering)
You can always enable it again once you are done with your initial setup.